Smart buildings offer huge benefits for businesses and occupants, but they also introduce a whole litany of potential cyberthreats with which building managers and security teams must contend. After all, when everything is connected to the Internet of Things (IoT), even blinds become a possible entry point for a determined hacker.
Intelligent buildings are based on that convergence of physical assets and IT systems. This can improve productivity, wellbeing, and sustainability, and cut costs, but if left unsecured can make buildings vulnerable to malicious actors who can exploit these new potential openings to access company data. This, in turn, requires a converged approach to security.How can hackers attack smart buildings?
It’s becoming easier than ever for cybercriminals to exploit unsecured smart building technologies, and tools like Shodan are fast becoming their bread and butter. Shodan allows anybody to discover the IP addresses thousands of unsecured IoT-connected devices via a simple search. Indeed, in February last year, around 35,000 building automation systems from across the globe appeared in Shodan. This number can only increase as the technology is adopted in more buildings.
Tools like Shodan allow ‘siegeware’ to become a credible threat. Siegeware is a term coined recently to describe a kind of ransomware attack against a smart building due to its functional similarity to a medieval army besieging a castle. It involves extorting a company by threatening to shut down the functionality of a building automation system they have gained access to by exploiting poorly-secured remote access.
A sophisticated hacker can do this fairly simply using the IP addresses they discover to find a host of devices and monitoring systems, and use that to, for instance, request remote access and take control of a building in order to extract a ransom, or even fraudulently send a technician to gain physical access to a building. They can then demand a hefty fee to relieve the ‘siege’, probably paid in cryptocurrency.How can building managers protect smart buildings?
There are several simple steps that can make a huge difference to your building security. For instance, the first thing a building manager can do is ensure their automation system’s IP address is hidden behind a firewall, rather than publicly available. That would immediately remove it from Shodan’s searchable lists.
They can also restrict direct access to the ‘front-end’ of a system, making it harder for criminals to gain access by exploiting the human error and credulity of employees via fraudulent emails and social media. It is also imperative to give every user has the correct level of access—ordinary employees, for instance, should not have admin privileges—and has a unique password and username known only to them.
Furthermore, audits should be regularly performed to eliminate vulnerable connections. In one example, hackers gained access to a printer that had an unsecured connection to a wireless network—the company didn’t realise it hadn’t been disconnected—and they remotely printed out a false bomb threat that cost the company significant revenues and reputational damage. A subsequent audit revealed the connection had not been disconnected, forcing the company to change its practices.How does cybersecurity automation work?
Cybersecurity automation is becoming more commonplace, not just for reducing costs and manpower, but also to more easily and efficiently respond to threats. It can handle everything from detection to response, eliminating inefficiencies, raising response time, and allowing cybersecurity professionals to spend less time on routine tasks.
It’s a fairly simple concept: cybersecurity automation will undertake a number of ‘banal’ tasks that would have previously been a significant time sink for the security team, such as monitoring emails, reverse engineering malware, removing malware, making vulnerability assessments, performing VM snapshots, detecting threats and containing issues. It can potentially do these tasks in mere seconds, requiring no additional action.
This makes a huge difference when protecting smart buildings from hackers and malicious actors, simply by removing the chance of human error, and providing a constant level of protection from incursions that allows the security team the opportunity to work on their active response to threats.Learn more at Intelligent Building Europe 2020
At Intelligent Building Europe 2020, you can discover best practice when it comes to smart buildings in a full programme of seminars and presentations. Better still, you can complement that with converged security knowledge at the co-located IFSEC International 2020, which you can enter for free with your event badge. Sign up for your free ticket today and don’t miss out!